Glad this thread got picked up again.
Quickly going over old ground, here is a real example of a template and
resultant html I am producing.
<tr onClick="
doReturnValues({
'account_details': [
'<tmpl_var name="acc_id">',
'<tmpl_var name="name_tx">',
'<tmpl_var name="company_tx">'
]
});
parent.close();"
>
<td><tmpl_var name="acc_id"> </td>
<td><tmpl_var name="name_tx"> </td>
<td><tmpl_var name="company"> </td>
</tr>
<tr onClick="
doReturnValues({
'account_details': [
'10',
'Mr. A Another's Brother',
'Another Company'
]
});
parent.close();"
>
<td>10 </td>
<td>Mr. A Another's brother </td>
<td>Another Company </td>
</tr>
The javascript in the onClick event of the row is broken because of the
character sequence - Another's
Since a single piece of data is used in several contexts I have to
escape in several ways. Which leaves me with a couple of options
1) I create several sets of the same data and pre filter for all the
various replacement contexts before handing over to html-tmpl for
substitution.
2) I post filter my html searching for js literal strings to escape.
Neither of these are very appealing.
The one thing I do know is the context of the replacement at tmpl design
time. Therefore it would be the perfect place to specify escape
filtering.
> Mmm, maybe. Or a way to add new escapes at runtime.
Sam - I like this. Maybe definitions could be held in a config file
that could be overridden at runtime. The file could include the
defaults already used (HTML , etc) and new ones could easily be added if
the need arose.
David Kaufman posted a patch he'd written for v2.4 that did the trick.
It includes a few more character sequences that croak as well.
Thanks for the help
Glenn
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Oh, it's good to be a geek.
http://thinkgeek.com/sf
_______________________________________________
Html-template-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/html-template-users
